Native cloud computing via network segmentation

ABSTRACT

Disclosed herein are systems, methods and storage medium associated with native cloud computing. In embodiments, a system may include a number of clusters of computing nodes, and a data communication network configured to couple the clusters of computing nodes. The system may further include a control node configured to segment or cause segmentation of the data communication network to isolate a cluster of the computing nodes from other clusters of the computing nodes, t for allocation for native execution of a computation task. The system may further include a control network coupled to the data communication network and the control node. Other embodiments may be disclosed and claimed.

TECHNICAL FIELD

Embodiments relate to the fields of data processing, in particular, tosystems, methods and storage medium associated with native cloudcomputing.

BACKGROUND

Unless otherwise indicated herein, the materials described in thissection are not prior art to the claims in this application and are notadmitted to be prior art by inclusion in this section.

With advances in integrated circuit, computing and networkingtechnologies, cloud computing has become popular. Recently, cloudcomputing has been employed for high performance computing, i.e.,computational intensive applications, such as scientific computing.Currently, for security reasons, i.e., separating the different userapplications, cloud computing typically instantiates and operates anumber of virtual machines on each computing node respectively for thedifferent user applications. As a result, performance may be 10-100times slower than native computing.

BRIEF DESCRIPTION OF THE DRAWING

Embodiments of the present disclosure will be presented by way ofexemplary embodiments, but not limitations, illustrated in theaccompanying drawings in which like references denote similar elements,and in which:

FIG. 1 illustrates an overview of a native cloud computing arrangement;

FIG. 2 illustrates an example segmentation of a data communicationnetwork to form native computing clouds;

FIG. 3 illustrates a method associated with native cloud computing;

FIG. 4 illustrate a non-transitory computer-storage medium configured toenable native cloud computing; and

FIG. 5 illustrates an example computer system suitable for use as acomputing node or the control node of a native cloud computingarrangement, where all of the foregoing illustrations are arranged inaccordance with embodiments of the present disclosure.

DETAILED DESCRIPTION

Embodiments of systems, methods and storage medium are associated withnative cloud computing. In various embodiments, a system may include anumber of clusters of computing nodes, and a data communication networkconfigured to couple the clusters of computing nodes. The system mayfurther include a control node configured to segment or causesegmentation of the data communication network to at leastcommunicatively isolate a cluster of the computing nodes from otherclusters of the computing nodes, for allocation for native execution ofa computation task. The system may further include a control networkcoupled to the data communication network, and the control node.

In various embodiments, the control node may be configured to segment orcause segmentation of the data communication network to at leastcommunicatively isolate the cluster of computing nodes to be allocated,in response to a request received from a user node, via the controlnetwork, for computing resources to execute the computation task, andthe cluster of computer nodes is available for allocation and includescomputational resources substantially sufficient to meet the request.The request may include a specification of a number of clusters and/orcomputing nodes, a specification of processor computing capacity, aspecification of system memory capacity, a specification of persistentstorage capacity, a specification input/output capacity, a specificationof one or more operating systems, a specification of one or moreprograms associated with the computation task, a specification of one ormore data sources or sinks associated with the computation task, and/ora specification of expected execution duration of the computation task.

In various embodiments, the control node may be further configured toprovision or cause to be provisioned respective operating systems tocomputing nodes of the allocated cluster of computing nodes, load orcause to be loaded data associated with the computation task into thecomputing nodes to be provisioned, and/or launch or cause to be launchedone or more programs associated with the computation task for nativeexecution on the provisioned computing nodes. The control node may alsobe further configured to erase or cause to be erased all data associatedwith the computation task in the allocated cluster of computing nodes,after completion of the native execution of the computation task.

In various embodiments, the data communication network may be furtherconfigured to couple the clusters of computing nodes to Internet. Thedata communication network may comprise a first collection of networkingdevices, and the control network may comprise a second collection ofnetworking devices, where the first and second collections of networkingdevices are different networking devices. In other embodiments, the datacommunication network may comprise a first collection of networkingpaths through a number of networking devices, and the control networkmay comprise a second collection of networking paths through at leastsome of the same networking devices, however, the first and secondcollection of networking paths are different networking paths ordifferent protocols over the same networking paths.

In various embodiments, a method may include receiving, by a controlnode, from a user node, a request for cloud computing nodes to beallocated for execution of a computational task, and determining, by thecontrol node, a cluster of computing nodes is available for allocationand includes computational resources substantially sufficient to meetthe request. The cluster of computing nodes may be coupled to otherclusters of computing nodes via a data communication network. The methodmay further include segmenting or causing segmentation of, by thecontrol node, the data communication network to at least communicativelyisolate the cluster of computing nodes from the other clusters of thecomputing nodes; and allocating, by the control node, the isolatedcluster of computing nodes for native execution of the computationaltask.

In various embodiments, a non-transitory computer-readable storagemedium may include programming instructions stored therein configured toprogram a server to perform the above described method, in response toexecution of the programming instructions by the server.

Various aspects of the illustrative embodiments will be described usingterms commonly employed by those skilled in the art to convey thesubstance of their work to others skilled in the art. However, it willbe apparent to those skilled in the art that alternate embodiments maybe practiced with only some of the described aspects. For purposes ofexplanation, specific numbers, materials, and configurations are setforth in order to provide a thorough understanding of the illustrativeembodiments. However, it will be apparent to one skilled in the art thatalternate embodiments may be practiced without the specific details. Inother instances, well-known features are omitted or simplified in ordernot to obscure the illustrative embodiments.

Further, various operations will be described as multiple discreteoperations, in turn, in a manner that is most helpful in understandingthe illustrative embodiments; however, the order of description shouldnot be construed as to imply that these operations are necessarily orderdependent. In particular, these operations need not be performed in theorder of presentation.

The term “native execution” is used herein. The term, when used in thecontext of executing a task, refers to direct execution of the task on acomputing node, as opposed to execution of the task in one of a numberof virtual machines instantiated on the computing node. The terms“segment,” “segmentation,” and other variants are used herein. Theseterms, when used in the context of segmenting a data communicationnetwork coupling clusters of computing resources, refer to configuringthe data communication network in a manner such that one or moreclusters of computing nodes are at least communicatively isolated fromother computing nodes, allowing the at least communicatively isolatedcluster/clusters of computing nodes to be allocated for native executionof a task. In embodiments, in addition to being communicativelyisolated, the isolated cluster/clusters of computing nodes may bephysically isolated, i.e., separated, from the other cluster/clusters ofcomputing nodes.

The phrase “in one embodiment” is used repeatedly. The phrase generallydoes not refer to the same embodiment; however, it may. The terms“comprising,” “having,” and “including” are synonymous, unless thecontext dictates otherwise. The phrase “A/B” means “A or B”. The phrase“A and/or B” means “(A), (B), or (A and B)”. The phrase “at least one ofA, B and C” means “(A), (B), (C), (A and B), (A and C), (B and C) or (A,B and C)”. The phrase “(A) B” means “(B) or (A B)”, that is, A isoptional.

Referring now to FIG. 1, wherein an overview of a native cloud computingarrangement is illustrated. As shown, native cloud computing arrangement100 may include various clusters of computing nodes 102 and datacommunication network 104 configured to couple the clusters of computingnodes 102 to each other and to Internet 105. Native cloud computingarrangement 100 may further include control network 106 coupled to datacommunication network 104, control node 108 and user node 110. User node110 may be coupled to control network 106 and data communication network104 via Internet 105. Control node 108 may be configured to segment datacommunication network 104 to at least communicatively isolate a clusterof computing nodes 102 for allocation for native execution of a task, inresponse to a request from user node 110 for cloud computing resourcesfor execution of the task, to be described in more detail below.

Each computing nodes of the various clusters of computing nodes 102 mayhave one or several CPUs, local random-access memory, and input/output(I/O) facilities like hard disk drive, etc. Computing nodes may be anycomputing systems known in the art, e.g., computing servers availablefrom Dell Computer of Austin, Tex., or Hewlett Packard of Palo Alto. Invarious embodiments, a computing server may comprise of blade servers. Ablade server may comprise of multi-core processors, e.g., multi-coreprocessors from Intel Corporation of Santa Clara, Calif. A blade servermay also include system memory, mass storage, and/or one or morenetworking cards/interfaces of various types. An example of a computingnode 102 will be described in further detail later, with references toFIG. 5. The number of computing nodes 102, the computing capacity of thecomputing nodes, and the networking types employed may vary fromimplementation to implementation, depending on the number ofcomputational intensive tasks to be supported concurrently, thecomputational intensities, and the data communication characteristics ofthese tasks.

Data communication network 104 may be any high speed network or networksconfigured to facilitate data communication between the clusters ofcomputing nodes 102, e.g., 10G Ethernet or InfiniBand. Datacommunication network 104, except of the teachings of the presentdisclosure, may comprise any high speed networking devices, such as highspeed routers, switches and/or gateways, known in the art, e.g., highspeed routers, switches and gateways available from Cisco Systems, Inc.,San Jose, Calif., Mellanox, San Jose, Calif., or Netgear, Inc., SanJose, Calif. Data communication network 104 may be wired, wireless orboth. In various embodiments, the routers, switches and/or gateways ofdata communication network 104 may be arranged in a manner so that datacommunication network 104 may be segmented to selectively isolatecomputing nodes, at least communication-wise, into collections ofdifferent sizes.

Referring now also to FIG. 2, wherein various embodiments with 16clusters of computing nodes 102 aa-102 dd are illustrated. For theembodiments, the routers et al. of data communication network 104 may bearranged in a manner such that the 16 clusters of computing nodes 102aa-102 dd, may be segmented into 2 collections of 8 clusters ofcomputing nodes, by e.g., “blocking” data traffic at switching point S2(described in more detail below). The first collection of 8 clusters ofcomputing nodes includes clusters of computing nodes 102 aa-102 ab, 102ba-102 bb, 102 ca-102 cb and 102 da and 102 db, whereas the secondcollection of 8 clusters of computing nodes includes computing nodes 102ac-102 ad, 102 bc-102 bd, 102 cc-102 cd and 102 dc and 102 dd. Each ofthese collections of clusters of computing nodes is at leastcommunicatively isolated and secured from the other collection ofclusters computing nodes.

Still referring to FIG. 2, the second collection of 8 clusters ofcomputing nodes, may be further segmented into 2 smaller collections of4 clusters computing nodes, by e.g., “blocking” data traffic atswitching point S3. The first of these two new collections of 4 clustersof computing nodes includes clusters of computing nodes 102 ac-102 ad,102 bc-102 bd, whereas the second new collection of 4 clusters ofcomputing nodes includes clusters of computing nodes 102 cc-102 cd and102 dc and 102 dd. Similarly, each of these new collections of clustersof computing nodes is at least communicatively isolated and secured fromthe other collections of clusters of computing nodes.

The foregoing example is intended to be illustrative and not to be readas limiting on the present disclosure. Other number of clusters ofcomputing nodes 102, and other segmenting arrangements may be practiced,without limitation. In particular, it is anticipated that inembodiments, data communication network 104 may be segmented to at leastcommunicatively isolate a cluster of computing nodes 102 from otherclusters of computing nodes. Further, the isolated cluster/clusters ofcomputing nodes 102 may remain coupled to the Internet, and the othercluster/clusters of computing nodes 102 may remain available forallocation to service other cloud computing requests.

Referring back to FIG. 1, as described earlier, native cloud computingarrangement 100 may include control network 106. Unlike datacommunication network 104, control network 106 may be a limitedbandwidth network or networks. Control network 106, except of theteachings of the present disclosure, may comprise any low to mid-rangeperformance networking devices, such as low to mid-range performancerouters, switches and/or gateways, known in the art, e.g., low tomid-range routers, switches and gateways available from Cisco Systems,Inc., of San Jose, Calif., or Netgear, Inc., of San Jose, Calif. Controlnetwork 106 may likewise be wired, wireless or both.

In various embodiments, data communication network 104 and controlnetwork 106 may comprise respectively different groups of networkingdevices. In some embodiments, at least part of data communicationnetwork 104 and control network 106 may comprise respectively differentseparated groups of networking paths routed over common networkingdevices, or different protocols over same common networking paths.

As described earlier native cloud computing arrangement 100 may includecontrol node 108. Control node 108 may include control logic/elementsconfigured to perform the control functions described herein. In variousembodiments, the control logic/elements may include user interface 122configured to receive from user node 110 a request for cloud computingresources for executing a computational task, and scheduler 124operatively coupled to the user interface 122 and configured todetermine whether one or more clusters of computing nodes 102 areavailable and include sufficient computing resource to substantiallymeet the request for allocation for native execution of thecomputational task. Scheduler 124 may be further configured to allocatethe cluster/clusters 102 on determination of their availability andhaving sufficient resources. The control logic/elements may furtherinclude network/cluster interface 126 operatively coupled to scheduler122 and configured to segment data communication network 104 to isolatethe allocated cluster/clusters 102. User interface 122, scheduler 124and network/cluster interface 126 may be implemented in hardware,software, or a combination of both. In various embodiments, userinterface 122, scheduler 124 and/or network/cluster interface 126 may becombined, e.g., together forming a controller.

Likewise, as described earlier, native cloud computing arrangement 100may include user node 110. User node 110 may include browser 132configured to enable user node 110 to submit a request for cloudcomputing resources for executing a computational task, e.g. byaccessing a webpage (not shown) provided by control node 108. Browser132 may be further configured to enable user node 110 to receive inresponse a notice of an allocation of cluster/clusters of computationnodes 102, wherein the allocated cluster/clusters of computation nodes102 are isolated from other cluster/clusters of computation nodes 102 byvirtue of data communication network 104 having been segmented. Inalternate embodiments, browser 132 may be provided with a plug-in (notshown) to browser 132 configured to enable user node 110 to submit therequest and/or receive the allocation notice. In still otherembodiments, in lieu of browser 132, user node 110 may be provided withan agent (not shown) of control node 108 configured to provide similarfunctionalities.

Similar to computing nodes of clusters 102, except of the teachings ofthe present disclosure incorporated therein, control node 108 and/oruser node 110 may be any computing systems known in the art, e.g.,desktop, laptop or tablet computers available from Dell Computer ofAustin, Tex., or Hewlett Packard of Palo Alto. In various embodiments, acomputing server may comprise of blade servers. Control node 108 and/oruser node 110 may comprise of multi-core processors, e.g., multi-coreprocessors from Intel Corporation of Santa Clara, Calif. Control node108 and/or user node 110 may also include system memory, mass storageand/or one or more networking cards/interfaces of various types. Controlnode 108 and user node 110 may be similar or dissimilar computingdevices. In various embodiments, control node 108 and user node 110 maybe the same computing device. Further, control node 108 or user node 110may be one of the computing nodes of clusters 102, or both are alsocomputing nodes of clusters 102. An example of a control node 108 and/oruser node 110 will also be described in further detail later, withreferences to FIG. 5.

FIG. 3 illustrates a method associated with native cloud computing, inaccordance with various embodiments. As shown, method 300 may start atblock 302 with control node 108 receiving a request from a user node 110for cloud computing resources. In various embodiments, the request mayinclude a specification of a number of clusters and/or computing nodes,a specification of processor computing capacity, a specification ofsystem memory capacity, a specification of persistent storage capacity,a specification input/output capacity, a specification of one or moreoperating systems, a specification of one or more programs associatedwith the computation task, a specification of one or more data sourcesor sinks associated with the computation task, and/or a specification ofexpected execution duration of the computation task. In variousembodiments, the request may explicitly request native computing nodes.

From block 302, method 300 may proceed to block 304, wherein controlnode 108 may determine whether to fill the request with native computingresource, including whether there are sufficient native computingresources available to substantially meet the request. In variousembodiments, control node 108 may be configured to fill the request withnative computing nodes, if the request explicitly requests them. Invarious embodiments, control node 108 may be configured to fill therequest with native computing nodes, if the request requests forprocessor computing capacity in excess of a threshold. In variousembodiments, control node 108 may be configured to fill a request with anative computing cloud with computing resources/capacities thatsubstantially meet the request, as opposed to precisely or exceedinglymeeting the request.

From block 304, on determining to fill a request with native computingresource and that there are sufficient native computing resourcesavailable to substantially fill the request, method 300 may proceed toblock 306, wherein control node 108 may segment or cause to be segmenteddata communication network 104 to at least communicatively isolate oneor more clusters of computing nodes to be allocated for native executionof the user's task(s). Control node 108 may segment or cause to besegmented data communication network 104 by directly configuring orcausing configuration of the routing, connections and/or protocols ofthe networking elements of data communication network 104 to block datacommunications between the isolated cluster or clusters of computingnodes with the other clusters of computing nodes. Control node 108 maycause configuration e.g., by issuing instructions to operators toconfigure the networking elements, routers, switches, cables and soforth. The instructions may include privileged and/or user inaccessiblecommands for the networking elements. The instructions may includeinstructions to the operators to physically decouple certain networkingelements, resulting in one or more clusters of computing nodes beingphysically isolated from the other clusters of computing nodes.

From block 306, on segmenting data communication network 104 to at leastcommunicatively isolate the cluster or clusters of computing nodes forallocation, method 300 may proceed to block 308, wherein control node108 may allocate the isolated cluster or clusters of computing nodes 102to the request, provision or cause to be provisioned default orspecified operating systems to the computing nodes of the allocatedcluster/clusters of computing nodes. In various embodiments, controlnode 108 may further load and launch, or cause to be loaded/launched theassociated applications for native execution on the provisionedcluster/clusters of computing nodes. In various embodiments, controlnode 108 may further copy or cause to copied application data into theprovisioned cluster/clusters of computing nodes. In various embodiments,control node 108 may cause the provisioning, loading/launching and/orcopying by issuing instructions to user node 110 or the allocatedcluster/clusters of computing nodes to perform the provisioning,loading/launching and/or copying by issuing instructions to theallocated cluster/clusters of computing nodes to perform theprovisioning, loading/launching and/or copying. User node 110 mayperform the provisioning, loading/launching and/or copying, responsiveto inputs from a user of user node 110. As described earlier, theallocated cluster/clusters of computing nodes is/are isolated andsecured from other clusters of computing nodes, by virtue of at leastthe segmentation of data communication segment. Thus, the user task(s)may be executed securely and natively on the allocated cluster/clustersof computing nodes, and potentially gaining 10-100× in executionperformance compared to the classical cloud arrangements that usevirtual machines (VM) to achieve a comparable level of security.Accordingly, the native cloud computing method and apparatus of thepresent disclosure may be particularly suitable for high performancecomputing, i.e., computational intensive applications, such asscientific computing. In various embodiments, the method may furtherinclude control node 108 erasing or causing to be erased data associatedwith the computing task from the allocated cluster/clusters of computingnodes 102. Erasure may include overwriting random access memory, caches,and any I/O facilities of the allocated cluster/clusters of computingnodes that were used, e.g., user specific area on the local and sharedhard disk drives of the allocated cluster/clusters of computing nodes.Further, data associated with the task residing on shared resources ofthe allocated cluster/clusters of computing nodes may be optionallybacked up, irretrievably removed, and made available for retrieval againonly at a subsequent specific user's request. In embodiments, theassociated data, including execution result, may be made retrievablethrough the Internet.

FIG. 4 illustrates a non-transitory computer-readable storage medium, inaccordance with various embodiments of the present disclosure. Asillustrated, non-transitory computer-readable storage medium 402 mayinclude a number of programming instructions 404. Programminginstructions 404 may be configured to enable an apparatus, in responseto execution of the programming instructions, to perform operations,including:

-   -   receiving from a user node, a request for cloud computing nodes        to be allocated for execution of a computational task;    -   determining a cluster of computing nodes is available for        allocation and comprise computational resources sufficient to        substantially meet the request, the cluster of computing nodes        being coupled to other clusters of computing nodes via a data        communication network;    -   segmenting or causing to be segmented the data communication        network to isolate the cluster of computing nodes from other        clusters of the computing nodes; and    -   allocating the isolated cluster of computing nodes for native        execution of the computational task.

FIG. 5 illustrates an example computer system suitable for use as acomputing node or the control node in accordance with variousembodiments of the present disclosure. As shown, computing system 500includes a number of processors or processor cores 502, and systemmemory 504. For the purpose of this application, including the claims,the terms “processor” and “processor cores” may be consideredsynonymous, unless the context clearly requires otherwise. Additionally,computing system 500 includes mass storage devices 506 (such asdiskette, hard drive, compact disc read only memory (CDROM) and soforth), input/output devices 508 (such as display, keyboard, cursorcontrol and so forth) and communication interfaces 510 (such as networkinterface cards, modems and so forth). The elements are coupled to eachother via system bus 512, which represents one or more buses. In thecase of multiple buses, they are bridged by one or more bus bridges (notshown).

Each of these elements performs its conventional functions known in theart. In particular, system memory 504 and mass storage 506 may beemployed to store a working copy and a permanent copy of the programminginstructions implementing the method of FIG. 3, or portions thereof,herein collectively denoted as, computational logic 522. The variouscomponents may be implemented by assembler instructions supported byprocessor(s) 502 or high-level languages, such as, for example, C, thatcan be compiled into such instructions.

The permanent copy of the programming instructions may be placed intopermanent storage 506 in the factory, or in the field, through, forexample, a distribution medium (not shown), such as a compact disc (CD),or through communication interface 710 (from a distribution server (notshown)). That is, one or more distribution media having animplementation of the agent program may be employed to distribute theagent and program various computing devices.

The constitution of these elements 502-512 are known, and accordinglywill not be further described.

Although specific embodiments have been illustrated and describedherein, it will be appreciated by those of ordinary skill in the artthat a wide variety of alternate and/or equivalent implementations maybe substituted for the specific embodiments shown and described, withoutdeparting from the scope of the embodiments of the present invention.This application is intended to cover any adaptations or variations ofthe embodiments discussed herein. Therefore, it is manifestly intendedthat the embodiments of the present invention be limited only by theclaims and the equivalents thereof.

1. A system, comprising: a plurality of clusters of computing nodes; adata communication network configured to couple the clusters ofcomputing nodes; and a control node coupled to the data communicationnetwork, and configured to: segment the data communication network, orcause the data communication network to be segmented, to communicativelyor physically isolate a cluster of computing nodes from other clustersof computing nodes for allocation for native execution of a computationtask requested from a user node, and provision or cause to beprovisioned respective operating systems to computing nodes of theallocated cluster of computing nodes.
 2. The system of claim 1, furthercomprising a control network coupled with the data communication networkand the control node, wherein the control node is configured to segmentthe data communication network, or cause the data communication networkto be segmented, to communicatively or physically isolate the cluster ofcomputing nodes to be allocated, via the control network, in response toa request received from the user node, for computing resources toexecute the computation task, and the cluster of computing nodes isavailable for allocation and comprise computational resourcessubstantially sufficient to meet the request.
 3. The system of claim 2,wherein the request comprises a specification of a number of clusters orcomputing nodes, a specification of processor computing capacity, aspecification of system memory capacity, a specification of persistentstorage capacity, a specification of input/output capacity, aspecification of one or more operating systems, a specification of oneor more programs associated with the computation task, a specificationof one or more data sources or sinks associated with the computationtask, and/or a specification of expected execution duration of thecomputation task.
 4. The system of claim 1, wherein the control node isfurther configured to load or cause to be loaded data associated withthe computation task into the computing nodes to be provisioned, orlaunch or caused to be launched one or more programs associated with thecomputation task for native execution on the provisioned computingnodes.
 5. The system of claim 1, wherein the control node is furtherconfigured to erase or cause to be erased all data associated with thecomputation task in the allocated cluster of computing nodes, aftercompletion of the native execution of the computation task.
 6. Thesystem of claim 1, wherein the data communication network is furtherconfigured to couple the clusters of computing nodes to Internet.
 7. Thesystem of claim 2, wherein the data communication network comprises afirst plurality of networking devices, and the control network comprisesa second plurality of networking devices, and wherein the first andsecond plurality of networking devices comprises at least some differentnetworking devices.
 8. The system of claim 2, wherein the datacommunication network comprises a first plurality of networking pathsthrough a plurality of networking devices, and the control networkcomprises a second plurality of networking paths through the pluralityof networking devices, and wherein the first and second plurality ofnetworking paths are different networking paths, or different protocolsover same networking paths.
 9. A method comprising: receiving, by acontrol node, from a user node, a request for cloud computing nodes tobe allocated for execution of a computation task; determining, by thecontrol node, at least a cluster of cloud computing nodes is availablefor allocation and comprise computational resources sufficient tosubstantially meet the request, the cluster of cloud computing nodesbeing coupled to other clusters of cloud computing nodes via a datacommunication network; segmenting or causing segmentation of, by thecontrol node, the data communication network to communicatively orphysically isolate the cluster of cloud computing nodes from the otherclusters of cloud computing nodes; allocating, by the control node, theisolated cluster of cloud computing nodes for native execution of thecomputation task; and by the control node, loading or causing to beloaded data associated with the computation task into the cloudcomputing nodes to be provisioned.
 10. The method of claim 9, whereinreceiving a request message comprises receiving the request via acontrol network, and wherein segmenting the data communication networkcomprises segmenting the data communication network via the controlnetwork.
 11. The method of claim 9, wherein receiving a requestcomprises receiving a request having a specification of a number ofclusters or cloud computing nodes, a specification of processorcomputing capacity, a specification of system memory capacity, aspecification of persistent storage capacity, a specification ofinput/output capacity, a specification of one or more operating systems,a specification of one or more programs associated with the computationtask, or a specification of one or more data sources or sinks associatedwith the computation task, and/or a specification of expected executionduration of the computation task.
 12. The method of claim 9, whereinsegmenting comprises configuring, via the control network, one or morenetworking devices of the data communication network, one or more pathsthrough one or more networking devices of the data communicationnetwork, or one or more protocols over one or more paths through one ormore networking devices of the data communication network.
 13. Themethod of claim 9, further comprising the control node provisioning orcausing to be provisioned respective operating systems to computingnodes of the allocated cluster of computing nodes, or launching orcausing to be launched one or more programs associated with thecomputation task for native execution on the provisioned computingnodes.
 14. The method of claim 9, further comprising the control nodeerasing or causing to be erased all data associated with the computationtask in the allocated cluster of cloud computing nodes, after completionof the native execution of the computation task.
 15. A computer-readablenon-transitory storage medium, comprising a plurality of programminginstructions stored in the storage medium, configured to cause anapparatus, in response to execution of the programming instructions bythe apparatus, to: receive from a user node, a request for cloudcomputing nodes to be allocated for execution of a computational task;determine at least a cluster of cloud computing nodes is available forallocation and comprise computational resources sufficient tosubstantially meet the request, the cluster of cloud computing nodesbeing coupled to other clusters of cloud computing nodes via a datacommunication network; segmenting or causing to be segmented the datacommunication network to communicatively or physically isolate thecluster of cloud computing nodes from other clusters of cloud computingnodes; allocating the isolated cluster of cloud computing nodes fornative execution of the computational task; and launch or cause to belaunched one or more programs associated with the computation task fornative execution on the allocated cloud computing nodes.
 16. The storagemedium of claim 15, wherein receive a request comprises receive arequest via a control network, and wherein segment the datacommunication network comprises segment the data communication networkvia the control network.
 17. The storage medium of claim 15, whereinreceive a request comprises receive a request having a specification ofa number of clusters or computing nodes, a specification of processorcomputing capacity, a specification of system memory capacity, aspecification of persistent storage capacity, a specification ofinput/output capacity, a specification of one or more operating systems,a specification of one or more programs associated with the computationtask, a specification of one or more data sources or sinks associatedwith the computation task, and/or a specification of expected executionduration of the computation task.
 18. The storage medium of claim 15,wherein segment or cause to be segmented the data communication networkcomprises configure, via the control network, one or more networkingdevices of the data communication network, one or more paths through oneor more networking devices of the data communication network, or one ormore protocols over one or more paths through one or more networkingdevices of the data communication network.
 19. The storage medium ofclaim 15, wherein the operations further include provisioning or causingto be provisioned the allocated computing nodes with respectiveoperating systems, or loading or causing to be loaded data associatedwith the computation task into the allocated computing nodes.
 20. Thestorage medium of claim 15, wherein the plurality of programminginstructions stored in the storage medium are further configured tocause an apparatus, in response to execution of the programminginstructions by the apparatus, to erase or cause to be erased all dataassociated with the computation task in the allocated cluster of cloudcomputing nodes, after completion of the native execution thecomputation task.
 21. An apparatus comprising: a processor; a userinterface operated by the processor and configured to receive, from auser node, a request for cloud computing resource to be allocated forexecution of a computational task; a scheduler operatively coupled tothe user interface, and configured to determine whether a cluster ofcomputing nodes is available for allocation and comprise computationalresources sufficient to substantially meet the request, and to allocatethe cluster of computing nodes for native execution of the computationtask, on determination that the cluster of computing nodes comprisecomputational resources sufficient to substantially meet the request andavailable for allocation, wherein the cluster of computing nodes iscoupled to other clusters of computing nodes via a data communicationnetwork, and provision or cause to be provisioned respective operatingsystems to computing nodes of the allocated cluster of computing nodes,and launch or cause to be launched one or more programs associated withthe computation task for native execution on the provisioned computingnodes; and a network/cluster interface operatively coupled to theschedule and configured to segment or cause to be segmented the datacommunication network to communicatively or physically isolate thecluster of computing nodes from other clusters of computing nodes, onallocation of the cluster of computing nodes for native execution of thecomputation task.
 22. The apparatus of claim 21, wherein the requestcomprises a specification of processor computing capacity, aspecification of system memory capacity, a specification of persistentstorage capacity, a specification of input/output capacity, aspecification of one or more operating systems, a specification of oneor more programs associated with the computation task, and/or aspecification of one or more data sources or sinks associated with thecomputation task.
 23. The apparatus of claim 21, wherein the scheduleris configured to segment one or more paths through one or morenetworking devices of the data communication network, or one or moreprotocols over one or more paths through one or more networking devicesof the data communication network, to segment the data communicationnetwork.
 24. The apparatus of claim 21, wherein the scheduler is furtherconfigured to load or cause to be loaded data associated with thecomputation task into the computing nodes to be provisioned.
 25. Theapparatus of claim 21, wherein the scheduler is further configured toerase or cause to be erased all data associated with the computationtask in the allocated cluster of computing nodes, after completion ofthe native execution of the computation task.
 26. A non-transitorycomputer-readable storage medium having instructions stored therein, theinstructions, which when executed on a user computing node, cause theuser computing node to: submit a request, to a control node, for cloudcomputing resource for execution of a computational task, wherein therequest includes a specification of a number of clusters or computingnodes, a specification of processor computing capacity, a specificationof system memory capacity, a specification of persistent storagecapacity, a specification input/output capacity, a specification of oneor more operating systems, a specification of one or more programsassociated with the computation task, or a specification of one or moredata sources or sinks associated with the computation task, and/or aspecification of expected execution duration of the computation task;receive, from the control node, a notice of an allocation of a clusterof computing nodes for native execution of the computational task,wherein the cluster of computing nodes is communicatively or physicallyisolated from other cluster of computing nodes by virtue of a datacommunication network coupling the clusters of computing nodes havingbeen segmented; and load data associated with the computation task intothe provisioned computing nodes, or launch one or more programsassociated with the computation task for native execution on thecomputing nodes, responsive to inputs from a user of the user computingnode.
 27. The storage medium of claim 26, wherein the instructions whenexecuted on a user computing node, cause the user computing node to:provision the allocated cluster of computing nodes with respectiveoperating systems.